<?php
/*------------------------------------------------------------------------------ 
    Create Date :
    Author    : 
    Copyright(c) 2010 A.D.A Solution. All rights reserved
        
    ------------------------------------------------------------------------------
    Update History:
    Ver.    TRB#             Date          Author       Note
    3.0     coding standard  2010/09/06    QuocBao     Review code,update comment for source
    
------------------------------------------------------------------------------*/

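    // Direct-access guard: this script is meant to be included by the
    // application entry point, which is expected to define IN_ADAGPS first.
    if (!defined('IN_ADAGPS'))
    {
        // Nothing earlier in this file defines SYSTEM_ACCESS_DENIED, so on a
        // direct request the constant may be missing as well. Referencing an
        // undefined constant raises an Error on PHP 8 (and a notice that can
        // reveal the script path on older versions), so fall back to a fixed
        // message instead.
        die(defined('SYSTEM_ACCESS_DENIED') ? SYSTEM_ACCESS_DENIED : 'Access denied');
    }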
    //=======================================================
    global $objTemplate, $arrConfig,$objDbSelect,$objDbUpdate,$maxNoActivity;

    // Values shown in the login form when it is rendered again; the
    // remember-me branch further down fills them from the cookies.
    $userDisplay     = '';
    $passDisplay     = '';
    $rememberDisplay = 0;
    $autoDisplay     = 0;

    // Expiry timestamp for the remember-me cookies: 3600*30 seconds, i.e.
    // 30 hours from now.
    // NOTE(review): if 30 days was intended this should be 86400*30 - confirm.
    $timeSave = time() + 3600 * 30;

    // 'hide_method' is the hidden form field that marks a submitted login form.
    $sHideMethod = 'none';
    if (isset($_POST['hide_method'])) {
        $sHideMethod = $_POST['hide_method'];
    }

    // Remember-me / auto-login state sent back by the browser.
    // All of these are client-controlled and must be treated as untrusted.
    // adagps_pass is later used as the login password, so this cookie carries
    // a password-equivalent secret.
    $cookie_user = '';
    if (isset($_COOKIE["adagps_user"])) {
        $cookie_user = $_COOKIE["adagps_user"];
    }

    $cookie_pass = '';
    if (isset($_COOKIE["adagps_pass"])) {
        $cookie_pass = $_COOKIE["adagps_pass"];
    }

    $cookie_auto = '';
    if (isset($_COOKIE["adagps_auto"])) {
        $cookie_auto = $_COOKIE["adagps_auto"];
    }

    $cookie_remember = '';
    if (isset($_COOKIE["adagps_remember"])) {
        $cookie_remember = $_COOKIE["adagps_remember"];
    }

    $cookie_flag = '';
    if (isset($_COOKIE['adagps_flag'])) {
        $cookie_flag = $_COOKIE['adagps_flag'];
    }
    
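    // Login handling. This branch runs either for a submitted login form
    // (hide_method == 'login') or for an automatic login driven purely by the
    // remember-me cookies (user + pass present, auto and flag both 1).
    if($sHideMethod == 'login'||($cookie_user!='' && $cookie_pass!='' && $cookie_auto==1&&$cookie_flag==1))
    {
        // Posted form fields take precedence; the cookie values are the fallback.
        $sUserName = isset($_POST['txtUserNameLogin']) ? $_POST['txtUserNameLogin'] : $cookie_user;
        $sPass = isset($_POST['txtPasswordLogin']) ? $_POST['txtPasswordLogin'] : $cookie_pass;

        // Escape special characters before the values are placed in the SQL text.
        // NOTE(review): the statement below is built by string interpolation and
        // relies entirely on MyAddSlashes(), which is defined elsewhere. Slash
        // escaping is sensitive to the connection character set; if the database
        // layer supports bound parameters, prefer them - confirm and migrate.
        $sUserName = MyAddSlashes($sUserName);

        // The password is transformed by EncryptPass() and compared inside the query.
        // NOTE(review): EncryptPass() is not visible here; confirm it is a salted,
        // slow password hash rather than a plain digest or reversible encoding.
        $sPassEn = MyAddSlashes(EncryptPass($sPass));

        // NOTE(review): $sys_active is neither assigned in this file nor listed in
        // the global statement above, and it is interpolated unquoted. Confirm
        // where it is defined and that it can never be influenced by the request.
        $sSqlString =  "select u.*,h.name as hotel_name,h.tbl_postfix as tbl_postfix,h.id as hotel_id,h.active as hotelActive ,h.expire_date
        from tbl_user as u left join tbl_service as h on u.hotel_id = h.id WHERE u.username = '$sUserName' 
        and u.pass = '$sPassEn' and u.active = $sys_active";
        $rsResult = $objDbSelect->GetArray($sSqlString);
        if(!is_array($rsResult))
        {
            // The query itself failed.
            MsgBox1(CONNECT_DB_ERR);
            $bLogin = 0;
            Redirect(ROOTURL.'?m=login');
            exit();
        }
        elseif(count($rsResult)==0)
        {
            // No active user matches these credentials. Clearing adagps_flag
            // stops the cookie-driven auto-login from retrying on every request.
            // NOTE(review): nothing here limits or logs repeated failures; confirm
            // that throttling exists elsewhere.
            setcookie('adagps_flag',0,$timeSave,'','',false,true);
            MsgBox1('Đăng nhập thất bại, vui lòng thử lại.');
            Redirect(ROOTURL.'?m=login');
            exit();
        }
        else
        {
            // Credentials matched: handle "remember password" and "auto login".
            $now = date('Y-m-d').' 23:59:59';
            if($sHideMethod == 'login'){

                $cookie_auto = isset($_POST['chkAutoLogin'])?1:0;
                $cookie_remember = isset($_POST['chkRemember'])?1:0;
                if($cookie_auto==1||$cookie_remember==1){
                    // NOTE(review): the clear-text password is written to a cookie
                    // below. Anyone who obtains that cookie holds the password
                    // itself. Replacing it with a random, server-side revocable
                    // token needs storage outside this file, so it is only flagged.
                    $cookie_user = $_POST['txtUserNameLogin'];
                    $cookie_pass = $_POST['txtPasswordLogin'];
                    $cookie_flag = $cookie_remember;
                }else{
                    $cookie_user = '';
                    $cookie_pass = '';
                }
            }
            if($cookie_remember==1){
                // Path, domain and secure keep their previous defaults; only
                // HttpOnly is added so page scripts cannot read these cookies.
                // NOTE(review): also set the secure flag once the site is
                // confirmed to be served over HTTPS only.
                $arrRememberCookies = array(
                    'adagps_flag'     => $cookie_flag,
                    'adagps_user'     => $cookie_user,
                    'adagps_pass'     => $cookie_pass,
                    'adagps_auto'     => $cookie_auto,
                    'adagps_remember' => $cookie_remember,
                );
                foreach($arrRememberCookies as $sCookieName => $mCookieValue){
                    setcookie($sCookieName,$mCookieValue,$timeSave,'','',false,true);
                }
            }

            // Service-level checks before the session is marked as logged in.
            if($rsResult[0]['hotelActive']=='0'){
                // Service locked. The literal was stored double-encoded
                // (UTF-8 bytes re-read as Latin-1); restored to readable text.
                Alert('Bạn bị khóa dịch vụ web, vui lòng liên hệ đại lý.');
            }elseif($rsResult[0]['expire_date'] < $now && ($rsResult[0]['power_type_id']==POWER_CUSTOMER||$rsResult[0]['power_type_id']==POWER_SUB_CUSTOMER) ){
                // Subscription expired; only applies to customer and sub-customer accounts.
                Alert('Ban da het han su dung dich vu, vui long lien he dai ly de dong phi su dung dich vu');
            }else{
                // Issue a fresh session id at the privilege change so an id that
                // was known before authentication cannot be reused afterwards
                // (session fixation). Skipped when no session is active.
                if(session_id() !== ''){
                    session_regenerate_id(true);
                }
                $_SESSION['islogin']=1;
                $_SESSION['current']['user_id']  =  $rsResult[0]['id'];
                $_SESSION['current']['user_name']  =  $rsResult[0]['username'];
                $_SESSION['current']['power_type_id']  =  $rsResult[0]['power_type_id'];
                $_SESSION['current']['hotel_id']  =  $rsResult[0]['hotel_id'];
                $_SESSION['current']['hotel_name']  =  $rsResult[0]['hotel_name'];
                // A non-empty per-service table suffix is stored with a leading underscore.
                $_SESSION['current']['tbl_postfix'] = $rsResult[0]['tbl_postfix']==''?'':'_'.$rsResult[0]['tbl_postfix'];
            }
            // NOTE(review): unlike the failure branches there is no exit() after
            // this redirect, and in the locked/expired cases Alert() has already
            // produced output. Confirm how Redirect() behaves in both situations.
            Redirect('index.php') ;

        }

    }elseif($cookie_remember==1){
        // No login attempt: pre-fill the form from the remember-me cookies.
        // NOTE(review): $passDisplay carries the cookie password back into the
        // page; confirm the template escapes it.
        $userDisplay = $cookie_user;
        $passDisplay = $cookie_pass;
        $rememberDisplay = $cookie_remember;
        $autoDisplay = $cookie_auto;
    }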
    
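/**
 * Echo a script element that shows $message in a JavaScript alert() box.
 *
 * The message is placed inside a single-quoted JavaScript string literal, so
 * characters that would end the literal or the surrounding script element are
 * escaped first. Messages without such characters produce the same output as
 * before.
 *
 * @param string $message Text to show in the alert box.
 * @return void
 */
function Alert($message)
{
    // Backslash and quote would terminate or corrupt the literal, raw line
    // breaks are not allowed inside it, and <, > and & are hex-escaped so the
    // text can never close the script element or open markup.
    $arrJsEscapes = array(
        '\\'           => '\\\\',
        "'"            => "\\'",
        "\r"           => '\\r',
        "\n"           => '\\n',
        '<'            => '\\x3C',
        '>'            => '\\x3E',
        '&'            => '\\x26',
        "\xE2\x80\xA8" => '\\u2028',
        "\xE2\x80\xA9" => '\\u2029',
    );
    $sSafeMessage = strtr((string) $message, $arrJsEscapes);

    echo '<script language="Javascript" type="text/javascript">' . "alert('$sSafeMessage');</script>";
}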
